class AdminController < ApplicationController
  layout "login"
  
  def login
    if request.post?
      user = User.authenticate params[:perm], params[:password]
      if user
        session[:user_id] = user.id
        uri = session[:original_uri]
        session[:original_uri] = nil
        redirect_to(uri || {:controller => "books", :action => "index"})
      else
        flash.now[:error] = "Invalid perm/password!"
      end
    end
  end

  def logout
    reset_session
    flash[:notice] = "Logged out!"
    redirect_to(:action => "login")
  end

end
